The Attorney General’s Office reported last Wednesday (15 July) that the Public Prosecution has ordered the pre-trial detention of the Information Security Officer and the Director of the Information Technology Department at the Central Bank of Libya.

The Public Prosecution’s investigation aimed at identifying the factors that facilitated the breach of the CBL’s data system and the compromise of its operational environment – cyber-attack.

The investigation revealed that the attackers exploited the system administrator's account to carry out thousands of unauthorized access attempts. Within three days, they managed to establish a foothold in the system due to deficiencies in the adopted protection measures and the failure of the information security framework to address visible threat indicators—specifically, the failure to respond to an unexplained surge in data traffic.

Consequently, the Public Prosecution ordered the detention of the two accused individuals pending further investigation.

CBL confirms 9 June cyber incident
It will be recalled that the CBL had informed Libya Herald that the cyber incident announced on 9 June had been ‘‘fully contained’’. The source had explained that ‘‘comprehensive technical investigations were conducted and yielded significant results, while recovery and system restoration work continues according to the approved plan’’.

CBL Addresses Alleged Data Leak Following Cybersecurity Incident

Central Bank of Libya Says 9 June Cyber Incident Is Fully Contained

Set as preferred source